<?php 
		//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv 
		//   You may change maxsize, and allowable upload file types. 
		//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
		//Mmaximum file size. You may increase or decrease. 
		$MAX_SIZE = 20000000; 
		                             
		//Allowable file Mime Types. Add more mime types if you want 
		$FILE_MIMES = array('image/jpeg','image/jpg','image/gif' 
		                   ,'image/png','application/msword', 'audio/mpeg' 
		                   ,'audio/basic','audio/midi','audio/x-aiff'.'audio/x-mpegurl' 
		                   ,'audio/x-pn-realaudio','audio/x-wav','video/mpeg','video/quicktime' 
		                   ,'video/vnd.mpegurl','video/x-msvideo','video/x-sgi-movie' 
		                   ,'image/bmp'); 
		
		//Allowable file ext. names. you may add more extension names.             
		/*$FILE_EXTS  = array('.zip','.jpg','.png','.gif','.bmp','.au ','.snd','.mid','. midi','. rar ' 
		               ,'.mpga','. mp2','. mp3 ','.aif','. aiff','. aifc ','.m3u','.ram','. ra' 
		               ,'.wav','.wma','.mpeg',' .mpg',' .mpe ','.qt','. mov','.mxu','. m4u','.apk' 
		               ,'.avi','.movie'); */
		                
		$FILE_EXTS  = array('.apk');
		
		//Allow file delete? no, if only allow upload only 
		$DELETABLE  = true;                                
		
		
		//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv 
		//   Do not touch the below if you are not confident. 
		//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
		/************************************************************ 
		 *     Setup variables 
		 ************************************************************/ 
		$site_name = $_SERVER['HTTP_HOST']; 
		$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']); 
		$url_this =  "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']; 
		
		$upload_dir = "files/"; 
		$upload_url = $url_dir."/files/"; 
		$message =""; 
		
		/************************************************************ 
		 *     Create Upload Directory 
		 ************************************************************/ 
		if (!is_dir("files")) { 
		  if (!mkdir($upload_dir)) 
		      die ("upload_files directory doesn't exist and creation failed"); 
		  if (!chmod($upload_dir,0755)) 
		      die ("change permission to 755 failed."); 
		} 
		
		/************************************************************ 
		 *     Process User's Request 
		 ************************************************************/ 
		if ($_REQUEST[del] && $DELETABLE)  { 
			
		  $resource = fopen("log.txt","a"); 
		  fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n"); 
		  fclose($resource); 
		   
		  if (strpos($_REQUEST[del],"/.")>0);                  //possible hacking 
		  else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking 
		  else if (substr($_REQUEST[del],0,6)==$upload_dir) { 
		    unlink($_REQUEST[del]); 
		    print "<script>window.location.href='$url_this?message=deleted successfully'</script>"; 
		  } 
		} 
		else if ($_FILES['userfile']) { 
		  $resource = fopen("log.txt","a"); 
		  fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]" 
		            .$_FILES['userfile']['name']." " 
		            .$_FILES['userfile']['type']."\n"); 
		  fclose($resource); 
		
		    $file_type = $_FILES['userfile']['type'];  
		  $file_name = $_FILES['userfile']['name']; 
		  $file_ext = strtolower(substr($file_name,strrpos($file_name,"."))); 
		
		  //File Size Check 
		  if ( $_FILES['userfile']['size'] > $MAX_SIZE)  
		     $message = "The file size is over 2MB."; 
		  //File Type/Extension Check 
		  else if (!in_array($file_type, $FILE_MIMES)  
		          && !in_array($file_ext, $FILE_EXTS) ) 
		     $message = "Sorry, $file_name($file_type) is not allowed to be uploaded."; 
		  else 
		     $message = do_upload($upload_dir, $upload_url); 
		   
		  print "<script>window.location.href='$url_this?message=$message'</script>"; 
		} 
		else if (!$_FILES['userfile']); 
		else  
		    $message = "Invalid File Specified."; 
		
		/************************************************************ 
		 *     List Files 
		 ************************************************************/ 
		$handle=opendir($upload_dir); 
		$filelist = ""; 
		while ($file = readdir($handle)) { 
		   if(!is_dir($file) && !is_link($file)) { 
		      $filelist .= "<a href='$upload_dir$file'>".$file."</a>"; 
		      if ($DELETABLE) 
		        $filelist .= " <a href='?del=$upload_dir$file' title='delete'>x</a>"; 
		      $filelist .= "<sub><small><small><font color=grey>  ".date("d-m H:i", filemtime($upload_dir.$file)) 
		                   ."</font></small></small></sub>"; 
		      $filelist .="<br>"; 
		   } 
		} 
		
		function do_upload($upload_dir, $upload_url) { 
		
		    $temp_name = $_FILES['userfile']['tmp_name']; 
		    $file_name = $_FILES['userfile']['name'];  
		  $file_name = str_replace("\\","",$file_name); 
		  $file_name = str_replace("'","",$file_name); 
		    $file_path = $upload_dir.$file_name; 
		
		    //File Name Check 
		  if ( $file_name =="") {  
		      $message = "Invalid File Name Specified"; 
		      return $message; 
		  } 
		
		  $result  =  move_uploaded_file($temp_name, $file_path); 
		  if (!chmod($file_path,0777)) 
		       $message = "change permission to 777 failed."; 
		  else 
		    $message = ($result)?"$file_name uploaded successfully." : 
		               "Somthing is wrong with uploading a file."; 
		  return $message; 
		} 
		
?> 

<center> 
   <font color=red><?=$_REQUEST[message]?></font> 
   <br> 
   	<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post"> 
     	Upload File <input type="file" id="userfile" name="userfile"> 
     	<input type="submit" name="upload" value="Upload"> 
    </form> 
    
   <br><b>My Files</b> 
   <hr width=70%> 
   <?=$filelist?> 
   <hr width=70%> 
  
</center>